3

I am trying to create a way for anyone (ie public) to upload a file onto an Amazon S3 bucket so read a lot of documentation but hitting a roadblock because of my technical immaturity in this space. Here is what I did:

(1) Create a S3 bucket and set it up to host a static website

(2) Added this bucket policy direct to this bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadForGetBucketObjects",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::testjn/*"
        }
    ]
}

(3) Created an index.html with the HTML contents filled from here and loaded onto the bucket (called testjn):

http://s3.amazonaws.com/doc/s3-example-code/post/post_sample.html

index.html looks like this:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<form action="[this is the endpoint]" method="post" enctype="multipart/form-data">
<input type="text" name="key" value="testfile.txt" />
<input type="text" name="acl" value="public-read" />
<input type="text" name="content-type" value="text/plain" />
<input type="hidden" name="AWSAccessKeyId" value="[this is the access key]" />
<input type="hidden" name="policy" value="ewogICJleHBpcmF0aW9uIjogIjIwMDktMDEtMDFUMTI6MDA6MDAuMDAwWiIsCiAgImNvbmRpdGlvbnMiOiBbCiAgICB7ImJ1Y2tldCI6ICJ0ZXN0am4iIH0sCiAgICB7ImFjbCI6ICJwdWJsaWMtcmVhZCIgfSwKICAgIFsiZXEiLCAiJGtleSIsICJ0ZXN0ZmlsZS50eHQiXSwKICAgIFsic3RhcnRzLXdpdGgiLCAiJENvbnRlbnQtVHlwZSIsICJ0ZXh0LyJdLAogIF0KfQo=" />
<input type="hidden" name="signature" value="mQEx+XUAJAVcuG+uip0EtmFs6Xo=" />
<input name="file" type="file" />
<input name="submit" value="Upload" type="submit" />
</form>
</body>
</html>

(4) Create IAM role with this policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowGroupToSeeBucketListAndAlsoAllowGetBucketLocationRequiredForListBucket2",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:GetBucketLocation"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::*"
            ]
        },
        {
            "Sid": "AllowRootLevelListingOfCompanyBucket2",
            "Action": [
                "s3:PutObject",
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::testjn",
                "arn:aws:s3:::testjn/*"
            ]
        }
    ]
}

(5) I keep getting a "405 Method Not Allowed" error when trying to upload so think it's to do with the 2 policies OR something else .... I've been reading and researching now for 4 weeks and pulling all my hair out. So please can someone advise. Thanks

Jay Chilled
  • 33
  • 9

0 Answers0